GDPR Compliance Statement

Last updated: May 2026

1. Scope and Approach

This statement summarizes how this website is operated to support GDPR-aligned processing. It reflects currently implemented controls and does not claim certifications, external audits, or monitoring capabilities unless explicitly stated in signed contracts or internal records.

2. Data We Process Through This Website

  • Contact form data (name, email, message, and optional business details).
  • Meeting booking data (name, email, date/time, timezone, optional notes/company).
  • Consent records (privacy consent flag, policy version, consent timestamp).
  • Minimal anti-abuse/rate-limit records used for service protection.

3. Legal Bases

  • Article 6(1)(b): steps prior to contract and responding to service inquiries.
  • Article 6(1)(f): legitimate interest for security, fraud prevention, and service reliability.
  • Article 6(1)(a): consent where requested, including optional cookies.
  • Article 6(1)(c): legal obligations (e.g., accounting/compliance duties where applicable).

4. Technical and Organizational Controls (Implemented)

  • HTTPS enforcement and transport security headers.
  • Request origin checks and server-side input validation/sanitization.
  • Rate limiting and restricted access to stored data files.
  • Security headers on website and API responses.
  • Data retention limits applied in application logic.

These controls reduce risk but do not eliminate all security risk.

5. Data Retention

Website inquiry and meeting-request records are retained for up to 24 months unless a longer retention period is required by law or by a signed commercial agreement.

6. Your GDPR Rights

You may request access, rectification, erasure, restriction, objection, or portability where applicable. You may also withdraw consent for consent-based processing.

Contact: privacy@elevanty.com

7. Complaints

You may lodge a complaint with the Belgian Data Protection Authority (APD/GBA).

Address: Rue de la Presse 35, 1000 Bruxelles, Belgium

Phone: +32 (0)2 274 48 00

Email: contact@apd-gba.be

Website: www.autoriteprotectiondonnees.be

8. Updates

This statement is updated when processing activities or legal requirements change.